基于最小熵的完整性度量
|
摘要
在实际计算机系统中可信信息不可避免地会被更改,因此有必要定量刻画信息的完整性,目的在于度量有多少的更改是可容忍的.本文针对攻击者能够一次最大可能更改可信信息的情况,结合信息流完整性模型,将程序建模为信道,使用最小熵定量描述信息完整性.首先刻画信息完整性中的污染和抑制两种情形.基于此,进一步给出污染和信道容量之间的关系;并讨论复合程序的完整性的问题.最后,分析讨论负信息流的情况.
It is possible necessary in practice to accept some tampering of trusted information,this motivates the development of theories of quantitative information integrity aimed at showing that some tampering are small and therefore tolerable. In this paper,we focus on the threat model that an attack will modify the trusted information as much as possible in one try. Based on the information integrity model,we use the min-entropy to quantify the trusted information by modeling a program as a communication channel. We quantify the contamination and the channel suppression in information integrity.We then analyze the relationship between the contamination and the capacity of the channel,and consider the integrity in the cascade of the programs. Finally,we discuss the negative value case in quantitative information integrity.
It is possible necessary in practice to accept some tampering of trusted information,this motivates the development of theories of quantitative information integrity aimed at showing that some tampering are small and therefore tolerable. In this paper,we focus on the threat model that an attack will modify the trusted information as much as possible in one try. Based on the information integrity model,we use the min-entropy to quantify the trusted information by modeling a program as a communication channel. We quantify the contamination and the channel suppression in information integrity.We then analyze the relationship between the contamination and the capacity of the channel,and consider the integrity in the cascade of the programs. Finally,we discuss the negative value case in quantitative information integrity.
引文
[1]徐明迪,张焕国,张帆,等.可信系统信任链研究综述[J].电子学报,2014,42(10):2024-2031.Xi M ingdi,Zhang Huanguo,Zhang Fan,et al.Survey on chain of trust of trusted system[J].Acta Electronica Sinica,2014,42(10):2024-2031.(in Chinese)
[2]王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667.Wang Xiaoming,Fu Hong,Zhang Lichen.Reserch progress on attribute-based access control[J].Acta Electronica Sinica,2010,38(7):1660-1667.(in Chinese)
[3]吴泽智,陈性元,杨智,等.信息流控制研究进展[J].软件学报,2017,28(1):135-159.Wu Zezhi,Chen Xingyuan,Yang Zhi,et al.Survey on information flow control[J].Chinese Journal of Softw are,2017,28(1):135-159.(in Chinese)
[4]Qian Z J,Liu W,Huang H.Research on microkernel integrity semantics model and formal verification[J].Chinese Journal of Electronics,2014,23(1):43-48.
[5]Zhang J M,Tao S Q,Liang J Y.Logical implication of structural integrity constraints for XM L[J].Chinese Journal of Electronics,2009,18(2):243-248.
[6]彭长根,丁红发,朱义杰,等.隐私保护的信息熵模型及其度量方法[J].软件学报,2016,27(8):1891-1903.Peng Changgen,Ding Hongfa,Zhu Yijie,et al.Information entropy models and privacy metrics methods for privacy protection[J].Chinese Journal of Softw are,2016,27(8):1891-1903.(in Chinese)
[7]Clarkson M R,Myers A C,Schneider F B.Quantifying information flow w ith beliefs[J].Journal of Computer Security,2009,17(5):655-701.
[8]Alvim M S,Chatzikokolakis K,Mciver A,et al.Axioms for information leakage[A].Proceedings of the 29th IEEE Symposium on Computer Security Foundations[C].Washington DC:IEEE Computer Society,2016.77-92.
[9]Hamadou S,Palamidessi C,Sassone V.Quantifying leakage in the presence of unreliable sources of information[J].Journal of Computer and System Sciences,2017.88:27-52.
[10]Clarkson M R and Schneider F B.Quantification of integrity[J].M athematical Structures in Computer Science,2015.25:207-258.
[11]Biba K J.Integrity Considerations for secure computer systems[J].Austranlian Journal of Statistics,1977,13(1):27-35.
[12]Smith G.On the foundations of quantitative information flow[A].Proceedings of the 12th International Conference on Foundations of Softw are Science and Computational Structures[C].Berlin Heidelberg:Springer,2009.5504:288-302.
[13]Espinoza B,Smith G.Min-entropy leakage of channels in cascade[A].Proceedings of the Formal Aspects of Security and Tust Lecture Notes in Computer Science[C].Berlin Heidelberg:Springer,2012.7140:70-84.
[14]Alvim M S,Chatzikokolakis K,Palamidessi C,et al.M easuring information leakage using generalized gain functions[A].Proceedings of the 25th IEEE Computer Security Foundations Symposium[C].Washington DC:IEEE Computer Society,2012.265-279.
[15]Espinoza B,Smith G.Min-entropy as a resource[J].Information and Computation,2013.226(2):57-75.
[16]Backes M,K9pf B,Rybalchenko A.Automatic discovery and quantification of information leaks[A].Proceedings of the 30th IEEE Symposium on Security and Privacy[C].Washington DC:IEEE Computer Society,2009.141-153.
[17]Shannon C E.A mathematical theory of communication[J].Bell System Technical Journal,1948.27:379-423.
[18]Cover T M,Thomas J A.Elements of Information Theory[M].Hoboken,New Jersey:Published by John Wiley&Sons,Inc,2006.
[19]Renyi A.On measures of information and entropy[J].M aximum-Entropy and Bayesian M ethods in Science and Engineering,1961,1(2):547-561.
[20]Ngo T M,Huisman M.Quantitative security analysis for programs w ith low input and noisy output[A].Proceedings of Engineering Secure Softw are and Systems[C].Sw itzerland:Springer International,2014.77-94.
[2]王小明,付红,张立臣.基于属性的访问控制研究进展[J].电子学报,2010,38(7):1660-1667.Wang Xiaoming,Fu Hong,Zhang Lichen.Reserch progress on attribute-based access control[J].Acta Electronica Sinica,2010,38(7):1660-1667.(in Chinese)
[3]吴泽智,陈性元,杨智,等.信息流控制研究进展[J].软件学报,2017,28(1):135-159.Wu Zezhi,Chen Xingyuan,Yang Zhi,et al.Survey on information flow control[J].Chinese Journal of Softw are,2017,28(1):135-159.(in Chinese)
[4]Qian Z J,Liu W,Huang H.Research on microkernel integrity semantics model and formal verification[J].Chinese Journal of Electronics,2014,23(1):43-48.
[5]Zhang J M,Tao S Q,Liang J Y.Logical implication of structural integrity constraints for XM L[J].Chinese Journal of Electronics,2009,18(2):243-248.
[6]彭长根,丁红发,朱义杰,等.隐私保护的信息熵模型及其度量方法[J].软件学报,2016,27(8):1891-1903.Peng Changgen,Ding Hongfa,Zhu Yijie,et al.Information entropy models and privacy metrics methods for privacy protection[J].Chinese Journal of Softw are,2016,27(8):1891-1903.(in Chinese)
[7]Clarkson M R,Myers A C,Schneider F B.Quantifying information flow w ith beliefs[J].Journal of Computer Security,2009,17(5):655-701.
[8]Alvim M S,Chatzikokolakis K,Mciver A,et al.Axioms for information leakage[A].Proceedings of the 29th IEEE Symposium on Computer Security Foundations[C].Washington DC:IEEE Computer Society,2016.77-92.
[9]Hamadou S,Palamidessi C,Sassone V.Quantifying leakage in the presence of unreliable sources of information[J].Journal of Computer and System Sciences,2017.88:27-52.
[10]Clarkson M R and Schneider F B.Quantification of integrity[J].M athematical Structures in Computer Science,2015.25:207-258.
[11]Biba K J.Integrity Considerations for secure computer systems[J].Austranlian Journal of Statistics,1977,13(1):27-35.
[12]Smith G.On the foundations of quantitative information flow[A].Proceedings of the 12th International Conference on Foundations of Softw are Science and Computational Structures[C].Berlin Heidelberg:Springer,2009.5504:288-302.
[13]Espinoza B,Smith G.Min-entropy leakage of channels in cascade[A].Proceedings of the Formal Aspects of Security and Tust Lecture Notes in Computer Science[C].Berlin Heidelberg:Springer,2012.7140:70-84.
[14]Alvim M S,Chatzikokolakis K,Palamidessi C,et al.M easuring information leakage using generalized gain functions[A].Proceedings of the 25th IEEE Computer Security Foundations Symposium[C].Washington DC:IEEE Computer Society,2012.265-279.
[15]Espinoza B,Smith G.Min-entropy as a resource[J].Information and Computation,2013.226(2):57-75.
[16]Backes M,K9pf B,Rybalchenko A.Automatic discovery and quantification of information leaks[A].Proceedings of the 30th IEEE Symposium on Security and Privacy[C].Washington DC:IEEE Computer Society,2009.141-153.
[17]Shannon C E.A mathematical theory of communication[J].Bell System Technical Journal,1948.27:379-423.
[18]Cover T M,Thomas J A.Elements of Information Theory[M].Hoboken,New Jersey:Published by John Wiley&Sons,Inc,2006.
[19]Renyi A.On measures of information and entropy[J].M aximum-Entropy and Bayesian M ethods in Science and Engineering,1961,1(2):547-561.
[20]Ngo T M,Huisman M.Quantitative security analysis for programs w ith low input and noisy output[A].Proceedings of Engineering Secure Softw are and Systems[C].Sw itzerland:Springer International,2014.77-94.